The API

The API we will be using in the example gives access to user profiles. It has the following end points:

GET /profiles/{:username}

GET /profiles/details/{:username}

The profiles that we use for this example were generated using the Random User Generator and stored in a JSON file, for convenience for this example. In the real world, you never want to store user information in a file. All the code for this example is available on GitHub.

Structure of the User Profile

For this example, I specifically generated 500 random profiles with only a subset of fields - name, email, login and picture. With these fields, a profile has the following structure:

At this point, you can see the password and hash in there. As I explained above, you do not want to do this in a real application. As such, this example focuses on JWT and we are doing this purely for convenience.

The data models

The models for representing the data provided from the random user generator are as follows. We will be using the Lombok 1@Data annotation to stay away from having to write explicit setters and getters.